Sparebanken Møre’s long-term strategic development and target achievement are supported by high quality risk- and capital management. The overall purpose of risk management and -control is to ensure that goals are achieved, to ensure effective operations and the handling of risks which can prevent the achievement of business related goals, to ensure internal and external reporting of high quality, and to make sure that the Group operates in accordance with relevant laws, rules, regulations and internal guidelines. Risk-taking is a fundamental aspect of banking operations, which is why risk management is a central area in the day-today operations and in the Board of Directors’ ongoing focus.
Sparebanken Møre’s Board of Directors has agreed overall guidelines for management and control throughout the Group, as well as a separate risk policy. The Group shall have a low to moderate risk profile and revenue generation shall be a product of customer-related activities, not financial risk taking. In addition, the bank has introduced separate policies for each significant risk area: credit risk, counterpart risk, market risk, funding risk and operational risk. The risk strategies are agreed by the Board of Directors and revised at least once a year, or when special circumstances should warrant it. The Group has established a follow-up and control structure, which shall ensure that the overall framework of the strategic plan is adhered to at all times.
Corporate culture, organisation and responsibility
The risk management process is based on the bank’s and group’s corporate culture. This includes management philosophy, management style and the people in the organisation. Staff’s integrity, value basis and ethical attitudes represent fundamental elements in a well-functioning corporate culture. Well-developed control and management measures cannot compensate for poor corporate culture. Against this background, Sparebanken Møre has established clear ethical guidelines and a clear value basis, which have been made well known throughout the organisation.
Sparebanken Møre attaches a great deal of importance to independence in the risk management. The responsibility for, and execution of risk management and control is therefore shared between the Board of Directors, management and operative units.
The Board of Directors of Sparebanken Møre bears the overall responsibility for ensuring the bank and the group having adequate primary capital based on the desired levels of risk and the group's activities, and for ensuring that Sparebanken Møre is adequately capitalized based on regulatory requirements. The Board shall also ensure that risk management and internal control is adequate and systematic, and that this is established in compliance with laws and regulations, articles of association, instructions, and external and internal guidelines. The Board also sets out the principles and guidelines for risk management and internal control for the various levels of activity, and regularly revises and adopts, at least once a year, various strategies and guidelines for risk management.
The Audit and Risk Committee is elected by and amongst the members of the Board of Directors. The committee is a sub-committee of the Board. Its purpose is to carry out more thorough assessments of designated areas and report the results to the Board. The Audit and Risk Committee shall ensure that the institution has independent and effective external and internal auditors, and satisfactory financial statement reporting and risk management routines, which comply with all pertinent laws and regulations.
The CEO is responsible for ensuring the establishment of appropriate risk management and internal control on the basis of assessments, agreed principles and guidelines introduced by the Board. The CEO is responsible for ensuring that good control environments are established in all levels of the bank and shall continuously monitor changes to the bank's risks and ensure that these are properly addressed in accordance with the Board's guidelines. The CEO shall ensure that the bank's risk management and internal control is documented according to current laws, rules, regulations and statutes, and shall, at least once a year, prepare an overall assessment of the risk situation, which shall be presented to the Board for their consideration.
The Risk Management Department is responsible for preparing and designing systems, guidelines and procedures for identifying, measuring, reporting and following up the bank’s most important inherent risks. The department is responsible for ensuring that the total risk exposure of Sparebanken Møre, including results of conducted stress tests, is reported to the CEO and the Board of Directors. Further, the department bears primary responsibility for the IRB process in the Group. It is also a key setter of conditions and adviser in the strategy process concerning risk assessments, risk tolerance and operationalisation of the bank's overall goals with regard to risks. The department also has responsibility for supervising the annual ICAAP work, and to coordinate the annual internal control confirmations from the operational managers. The department forms part of the Financial Control, Risk Management, HR and Security Division, which reports directly to the CEO.
Pursuant to the requirements in the Act on Financial institutions and Financial groups, Sparebanken Møre has an own compliance function. Each year, the Board of Directors of Sparebanken Møre approves compliance instructions, and an annual work and action plan is prepared for the function. The head of compliance reports to Sparebanken Møre's CEO, but is organizationally subordinate to the head of the Credit and Legal Division.
Finance & Accounting is responsible for the group's total financial management/reporting and accounting, and is part of the Financial Control, Risk Management, HR and Security Division.
Sparebanken Møre`s operative managers of important business areas shall actively involve themselves in the process surrounding the assessment of whether or not the established risk management and internal control is being conducted as assumed. It is assumed that all managers at every level of the organisation are monitoring the approved control measures within their area of responsibility.
Sparebanken Møre`s Credit Committee deals with larger commitments and matters of a special nature, and shall provide an independent proposal to the person holding the power of attorney. The Credit Committee attaches special importance to the identification of risk in connection with each credit application, and makes its own assessment regarding credit risk. In addition, consideration is made whether commitments are in accordance with the Group’s credit risk strategy, credit policy, credit-granting rules and regulations, and credit handling routines.
The internal auditing is a monitoring function which, independent of the rest of the bank’s administration, deals with systematic risk assessments, control and examination of the Group’s internal control in order to ascertain whether it works according to its purpose and in a reassuring manner. The bank`s Board approves the resources and annual plans of the internal auditing. The internal auditor should also discuss the plan and scope of the audit work with the Audit and Risk Committee. The internal audit in Sparebanken Møre is outsourced to BDO.
Sparebanken Møre focuses on correct, complete and timely reporting of the risk and capital situation. Based on this, a number of different types of periodic reporting have been established, which are intended for the group's management group and Board, as well as reporting intended for the individual segments and departments, including customer account managers. The most important reports during the year are as follows:
ICAAP is carried out and reported at least once a year. The Board actively participates in the review and establishes ownership of the process, including through ICAAP's key role in the long-term strategic planning. Specific guidelines have been prepared for ICAAP in Sparebanken Møre. ICAAP is reviewed by the bank's management team, the Audit and Risk Committee and the Board of Directors.
A balanced scorecard report is prepared every month. This illustrates the status and performance of the most important factors for Sparebanken Møre's target attainment. The report is being submitted to bank managers and the bank`s management team, and it is an integral part of the financial reporting to the Board of Directors.
A risk report is prepared every month. This is a key element of Sparebanken Møre's continuous monitoring of its risk situation. At the end of the quarter the risk report will also be expanded with supplementary comments from various disciplines within the Group, including the Chief Economist, the Head of Sunnmøre Corporate Division, the Head of Retail Division, and the Head of the Treasury & Market Division. The report is dealt with by the bank`s management team, Audit and Risk Committee and Board of Directors.
Internal control reports are produced for all business areas and regions every year. In this an assessment is made of whether or not the internal control is adequate in relation to the risk tolerance. This includes an assessment of and comments on their own work on internal control, a review of all important risk areas, an assessment of their own compliance with external and internal regulations, and suggestions for and planned improvement measures. The internal control reports are dealt with by the bank`s management team, Audit and Risk Committee and the Board of Directors.
Compliance reports are prepared regularly and contain elements linked to an assessment of compliance risk and control, testing of compliance and the results of these tests, reassessments and plans for implementing guidelines, the follow-up of observations from external and internal auditors, the follow-up of observations from the FSA, deviation management in internal control, etc. The compliance reports are dealt with by the bank`s management team, Audit and Risk Committee and the Board of Directors.
Reports from external and internal auditors are dealt with by the bank`s management team, the Audit and Risk Committee and the Board of Directors. Both internal and external auditors have at least annual meetings with the Audit and Risk Committee.
Reports on mortgages are prepared quarterly for the bank`s Board of Directors.
A reporting tool has been established in Sparebanken Møre, in which each member of staff with customer responsibility has access to reports which show the position and development of credit risk in his or her portfolio. The reporting tool has a hierarchical structure, allowing managers in Sparebanken Møre to monitor performance within their area of responsibility. The reports are also used to analyse customers, portfolios and different industries. The reporting tool provides customer account managers with an overview of the customers' positions and limits in relation to exposure to financial instruments.
Finance and accounting reports are prepared monthly, and include monthly calculations of collective impairment, as well as loss reviews of portfolios with a focus on the need for individual impairment. The reports are dealt with by the bank`s Executive Management Group, Audit and Risk Committee and the Board of Directors.
Sparebanken Møre’s equity and related capital is composed with regard to several considerations. The most important considerations are the Group’s size, Møre og Romsdal’s internationally orientated industry and commerce, and a stable market for long-term funding whenever external funding is required. Furthermore, the Group’s long-term strategic plan is a significant provider of conditions with regard to which capital structure Sparebanken Møre should adopt.
Assessments of risk profile, capital requirements and profitability are always based on the group's long-term strategic plan. The group's capital requirements are calculated, at least, in the annual ICAAP. The group's primary capital shall at all times fulfil the minimum requirements for capital adequacy, and comply with the group`s accepted risk tolerance. The ICAAP clarifies all the alternatives the group can implement if the group's capital adequacy is subjected to stress. The alternatives are listed in a prioritized order, with description of measures, and indication of planned implementation if necessary.
Sparebanken Møre's aim is to achieve financial results which provide a good and stable return on equity. The results shall ensure that all equity owners receive a competitive long-term return in the form of dividends and capital appreciation on the equity. The equity owners' share of the annual profits set aside as dividend funds, shall be adjusted to the equity situation. Sparebanken Møre's allocation of earnings shall ensure that all equity owners are guaranteed equal treatment.
Capital adequacy rules and regulations
The purpose of the EU’s capital adequacy directive is to strengthen the stability in the financial system through more risk-sensitive capital requirements, better risk management and control, more stringent supervision and more information provided for the market.
The capital adequacy directive is based on three pillars:
• Pillar I – Minimum requirement for equity and related capital
• Pillar II – Assessment of aggregate capital requirements and regulatory follow-up (ICAAP)
• Pillar III – Publication of information
Sparebanken Møre`s capital adequacy is calculated according to the IRB Foundation Approach for credit risk. Calculations related to market risk are based on the Standard Approach and operational risk on the Basis Approach. Sparebanken Møre’s Board of Directors insists that the group must be well capitalised, both during economic downturns and periods of strong economic expansion. Capital assessments (ICAAP) are conducted every year, and the group’s capital strategy is based on the risk in the group’s operations, different stress scenarios having been taken into consideration.
Reference is made to note 30 concerning "Capital adequacy" for further descriptions, as well as comments related to changes in the regulations.
Risk exposure and strategic risk management
Sparebanken Møre is exposed to several different types of risk. The most important risk groups are:
• Credit risk: This is the group’s most significant area of risk. Credit risk is defined as the risk of loss due to customers or other counterparties being unable to meet their obligations at the agreed time, and in accordance with written agreements, and due to the collateral security held not covering the outstanding claims. Counterparty risk and concentration risk are also included in this area of risk.
• Market risk: The risk of loss in market values relating to portfolios of financial instruments as a result of fluctuations in share prices, foreign exchange rates and interest rates.
• Liquidity risk: The risk of the group being unable to meet its obligations and/or fund increases in assets without incurring significant extra costs in the form of fall in prices of assets which have to be sold, or in the form of particularly expensive funding. The level of the institution`s capital is a key condition to attract necessary funding at any time.
• Operational risk: The risk of loss due to insufficient or failing internal processes and systems, or due to human error or external events.
Sparebanken Møre tries to take account of the interaction between the various risk areas when setting desired levels of exposure. Overall it is the internal conditions, general conditions, customer base, etc. within the group which form the basis for setting the desired overall risk exposure.
Based on an evaluation of the risk profile, management and control, Sparebanken Møre has set the following overall levels of risk exposure for the various risk areas:
• Credit risk: A moderate to significant level of risk is accepted
• Market risk: A low level of risk is accepted
• Funding risk: A moderate level of risk is accepted
• Operational risk: A low to moderate level of risk is accepted
The group’s risk is quantified partly through calculations of expected loss and the requirement for capital in order to be able to cover unexpected losses. Expected losses and financial capital are calculated for all main groups of risks, and for different business areas within the group. Expected loss describes the amount which in statistical context the bank must expect to lose during a 12-month period. Financial capital describes the amount of capital the group deems to be required in order to cover the actual risk which has been incurred by the group. Statistical methods for the computation of financial capital have been used as a basis. Please also refer to note 30 regarding capital adequacy for further comments concerning financial capital.
Credit risk represents Sparebanken Møre’s most significant risk area. Included in this risk area are counterparty risk and concentration risk. The group is exposed to this type of risk through its lending products for the retail market and corporate customers, and through the activities of Sparebanken Møre's Treasury & Markets Division.
The credit risk strategy is revised and agreed each year by the Board of Directors. The strategy focuses on risk sensitive limits, which have been designed in such a way that they manage the group’s risk profile within the credit area in the most appropriate and effective manner. Furthermore, limits, guidelines, and power of attorney-related rules and regulations have been established, which underpin and support Sparebanken Møre’s credit risk strategy and long-term strategic plan.
The core values of Sparebanken Møre are “Committed, Close and Sound”. These values are to be reflected in all contact with the market, create added value for the customers and help create a positive view of Sparebanken Møre. The credit policy is intended to promote a credit culture in which creditworthiness is viewed in a long-term perspective, where general and industry economic fluctuations are taken into account. Sparebanken Møre shall conduct itself in accordance with high ethical standards, and shall not be associated with activities, customers or industries of dubious repute. The group is open to all types of customers within defined market areas, and discrimination based on the customer`s age, gender, nationality, religion or marital status shall not occur.
Sparebanken Møre's geographic core region is the county of Møre og Romsdal. However, it is allowed to financially support investments/businesses outside its core region when, from an ownership perspective, they are linked to individuals or companies in/from Møre og Romsdal. Commitments outside the group's market area will also be considered as part of the deliberate diversification of the portfolio in terms of segment and geographical exposure. In such cases the group's strategy sets clear limits for the maximum risk level for an individual commitment.
The Department for Risk Management has established monthly portfolio management reports which ensure that any discrepancies from the strategic targets incorporated in the credit risk strategy are identified. Officers responsible for the concepts relating to corporate and retail banking respectively, have independent responsibility for the ongoing monitoring of the position, in order to identify discrepancies in relation to the same strategic targets, and in order to implement measures in the case of any discrepancies having occurred.
The Board of Directors is responsible for the group’s granting of loans and credits. Within certain limits, power of attorney is delegated to the bank’s CEO for the operational responsibility with regard to decisions in credit matters. Within his powers of attorney, the CEO may delegate powers of attorney to other officers in the bank. The grant authorisations are personal and graded after criteria like the size of grant, the limit of the commitment (corporate customers), the customers total debt (retail customers), and class of risk. Further, the power of attorney is related to the employee`s job level.
Sparebanken Møre actively uses internal reports in order to monitor the level and development of the group’s credit portfolio. Each member of staff with customer responsibility has access to reports which show the position and development in the credit risk in his or her portfolio. The reports are prepared on a hierarchical basis, enabling the bank’s management to monitor the development within their own area of responsibility. The reports are also used to analyse customers, portfolios and different sectors.
The group has prepared separate risk models for the corporate and retail markets, which are used in monthly measuring and reporting of credit risk. The group has also developed application score models for the two customer segments, which are being used in the credit granting process.
There are mainly three central parameters within credit risk for which models are applied:
1. Probability of default (PD): PD is calculated per customer and states the probability of the customer defaulting on his or her outstanding commitment during the next 12 months. A separate PD is calculated for each customer, based on statistical models using variables of both external and bank-internal information, in the form of both financial key figures and non-financial criteria.
2. Degree of loss in the case of default (LGD): LGD indicates how big a part of the commitment is expected to be lost in the case of default. The assessments take into consideration the values of the collateral provided by the customer, and the costs which would be incurred in the case of the recovery/collection of commitments in default.
3. Expected exposure in the case of default (EAD): EAD indicates the level of exposure which is expected in connection with a commitment if and when it goes into default.
The abovementioned parameters form the basis for calculation of expected loss (EL), and are included in the computation of financial capital. By classifying customers according to probability of default, and by estimating the level of loss and the requirement for financial capital at customer level, the group obtains information about the level and development of the aggregate credit risk in the total portfolio. In-house migration analyses show the development of the number of customers and EAD between different risk classes during different periods.
Treasury risk is part of Sparebanken Møre's total credit risk. Board adopted limits for the Group's credit exposure in this area have been defined.
Credit exposure is linked to bonds and certificates in the group's liquidity portfolio, short-term lending to other banks, including accounts held in foreign banks, and exposure in connection with financial derivatives which are signed to neutralise already present interest and currency risk which the bank has assumed. The portfolio consists of reputable domestic and foreign relationships.
Sparebanken Møre's policy is that, especially in relation to placements in international banks and other debtors outside Norway, the group shall use assessments carried out by the major official ratings agencies. The credit risk shall be at a minimum, but even highly rated issuers/papers can be exposed to risk. If a counterparty's status is changed to a negative outlook or their rating falls, Sparebanken Møre carries out a new internal assessment of existing lines of credit. If necessary the line of credit, and any exposure, is reduced or eliminated.
Treasury risk is also viewed in the context of adaptations to the funding indicators LCR and NSFR, as well as the FSA`s two liquidity indicators. The LCR regulations entail a movement towards lower risk weighted counterparties, including state and state guaranteed papers and covered bonds.
The pre-classification process emphasises considering banks with which Sparebanken Møre has a mutual (reciprocity) and long business relationship. It is also necessary to have sufficient competition in products and instruments that are traded, as well as diversification in market and geography for Sparebanken Møre.
If changes occur in general conditions, the market, economic trends or Sparebanken Møre's activities which have a material effect on the group's risk positions, limits must be assessed and possibly set for investment opportunities. This involves, for example, not investing in some countries, groups of countries, individual counterparties, counterparties with certain attributes, etc.
Sparebanken Møre and Møre Boligkreditt AS require the signing of CSA (Credit Support Annex) agreements before trading of derivatives against any counterparties. CSA agreements are part of an ISDA agreement and help to regulate the counterparty risk associated with changes in market conditions. This provides Sparebanken Møre with collateral for any given exposure. The agreements with counterparties define when the collateral shall be transferred between the parties. Sparebanken Møre practices cash collateral in relation to its counterparties. The market value of all derivatives signed between Sparebanken Møre and the counterparty is settled either daily or weekly. This will largely eliminate the counterparty risk. EMIR - European Market Infrastructure Regulation –will ensure regulation and control of the market for derivatives traded outside regulated markets by requiring reporting of transactions to transaction records, and requirements for settlement (clearing) through central counterparties (CCPs). Sparebanken Møre will adapt to these regulations.
Sparebanken Møre’s market risk is managed through defined position limits for each risk area. Management of market risk is set out in Sparebanken Møre’s market risk strategy. The strategy is adopted by the Board of Directors, and provides the overall guidelines for the group’s activities in the capital market, including the framework for Sparebanken Møre’s total exposures within currency, interest rate and shares.
The Group’s market risk can be divided into the following areas:
• Interest rate risk: Consists of market risk associated with positions in interest-bearing financial instruments, including derivatives with underlying interest instruments. Interest rate risk related to the liquidity portfolio, as well as hedging transactions related to it, are considered separately and will have its own set of risk parameters. See note 12.1 for the group's interest rate risk.
• Equity risk: Consists of market risk on positions in equity instruments, including derivatives with underlying equity instruments. Shares in subsidiaries are not included. Sparebanken Møre has a very limited trading portfolio. The financial risk of Sparebanken Møre is considered to be low and reassuring. See note 15 for the equity risk of the Group.
• Currency risk: Consists of the risk of losses when exchange rates change. All financial instruments and other positions with currency risk are included in the assessment. Currency risk on the banking book, that is, foreign exchange risk arising as a result of hedging customer trading, including lending/deposit business, is considered separately and will have its own set of risk parameters.
Sparebanken Møre`s exposure to currency risk is a result of mismatch between the underlying business and hedging transactions, as well as the necessary reserves of the group's work accounts in foreign banks. Changes in exchange prices in the market cause changes in the value of Sparebanken Møre`s currency position. The currency position also includes Sparebanken Møre`s cash holdings of notes denominated in foreign currencies. Sparebanken Møre has no trading portfolio of FX contracts. Sparebanken Møre`s currency risk is low and well within the limits specified in the regulations. See note 12.2 for the group's currency risk.
• Spread risk: Defined as the risk of changes in market value of bonds and commitments as a result of general changes in credit spreads.
• Total market risk: The overall risk assessment is obtained by comparing the assessments of areas of interest rates, equities and foreign exchange. The FSA`s methodology in this area form the basis for assessing the overall market risk. Assessments are based on three risk factors:
• Risk spreading
• Market liquidity
Any diversification effects between asset classes are not taken into account.
Based on the recommendation from the CEO's Balance Board Committee, the Board of Directors annually approves a total budget for the market risk of Sparebanken Møre. The framework is adapted to the group's activity level and risk tolerance. If required, the overall framework may be changed more frequently than the annual review.
Total limit for market risk is defined as the maximum loss on a stress scenario where the FSA`s methodology is applied. The approved overall market risk limit is delegated to the CEO, while the head of the Treasury & Markets Division has administrative authority for the overall market risk limit. The division leader is responsible for administration of the limits within the various sub-portfolios being complied with at all times.
Treasury & Markets Division has an independent responsibility for ongoing monitoring of positions within the various portfolios and daily follow up, or with the frequency required in relation to the level of activity. The Risk Management department has primary responsibility for monitoring, reporting and control of the market risk area. Back Office is responsible for transaction control and processing of payment transactions.
SimCorp Dimension (SCD) is the principal risk management system in Sparebanken Møre within the market risk area. The system provides current status of market development. All financial instruments are recorded in the system and monitored continuously. The risk management department is responsible for good quality in valuation of financial instruments.
The risk management department monitors the compliance of the risk management framework and strategy continuously. If activities exceed limits or strategy, written reporting instructions are specified.
Reporting of the market activity is part of Sparebanken Møre`s periodic "Risk Report" to management, Audit and Risk Committee and Board of Directors. Monthly earnings performance reports are prepared, as well as actual risk exposure within each portfolio, both individually and in aggregate. The reports are compared to maximum activity frame and overall market risk limit (stress frame). The Board is also given a quarterly record of any violation of the framework, the strategy, or laws and regulations.
There is no performance-based compensation to any person working in the market risk area beyond what is included in Sparebanken Møre`s general bonus scheme which deals with, and is equal to, all employees of the Group.
Liquidity may be defined as the group’s ability to fund increases in assets and to meet its obligations as funding requirements occur. Sparebanken Møre is liquid when it is able to repay its debt as it falls due.
Management of the group’s funding risk is based on the overall financing strategy, which is evaluated and approved by the Board of Directors at least once a year. The strategy reflects the moderate risk level accepted for this risk area.
The group's funding risk requires special monitoring. This is due to the group's special position as a manager of deposits for small and non-professional participants, as well as the central role the group plays in payment systems. The banks’ duty to accept deposits from a non-specific base of depositors and the fact that these deposits are normally available on the same day, means that they face considerably greater risk than other financial institutions. The authorities' loan schemes and safety net for banks are based on these precise factors. The costs of reducing funding risk must be viewed in the context of the advantages lower funding risk provides. One fundamental prerequisite for maintaining the trust of depositors and other lenders is that the institutions always have sufficient liquidity to cover current liabilities.
LCR measures institutions' ability to survive a 30-day stress period. LCR increases the importance of high quality liquid assets. NSFR measures the longevity of an institution's funding. NSFR entails institutions having to fund illiquid assets with the aid of a greater proportion of stable and long-term funding. In this context, deposits are not regarded as an equally stable source of funding, which means that the quality of the deposits will increase in importance. This also means that financial institutions must, to a greater degree, fund themselves through bond issues with a higher maturity. Until the definition and calibration of the NSFR is finalized, Sparebanken Møre will use Liquidity Indicator 1.
Sparebanken Møre is adapting to the new regulations, by both modifying its internal strategies and by making actual adaptations. The group also regularly reports on the trends for new liquidity indicators to the supervisory authorities in line with the disclosure requirements.
The group's long-term strategic plan, "Møre 2020", sets out a liquidity strategy in which Sparebanken Møre shall adapt to the structure and volume of the LCR requirement. The LCR requirement is phased in over time and was 80 per cent at 31 December 2016, and will be increased to 100 per cent as of 31 December 2017.
At year-end 2016, the LCR indicator for the Group was 91 per cent, the FSA`s Liquidity Indicator 1 was 104 per cent and Liquidity Indicator 2 was 112 per cent. In the composition of the external funding, priority is given to having a relatively high share of maturities above one year.
The funding activity in Sparebanken Møre is organised within the Treasury & Markets Division. The division controls the funding on a day to day basis, and has the responsibility to meet the funding requirements in Sparebanken Møre, including utilization of the mortgage company Møre Boligkreditt AS.
Liquidity control management is maintained by both the Treasury & Markets Division and by the Risk Management department. In this respect there is a distinction between the overall and the daily operational cash management and control. The daily operational management responsibility is handled by the Treasury & Markets Division, while the overall risk management, including strategies and framework controls, are handled by the Risk Management department.
Upon the occurrence of abnormal situations regarding liquidity, either in the market or within Sparebanken Møre, the bank's emergency task force comes together. The group consists of the following persons:
• CEO (leader)
• EVP Treasury & Markets
• EVP Information and Administration
• EVP Financial Control, Risk Management, HR and Security
• Head of Risk Management
• EVP Sunnmøre Corporate Banking
• EVP Retail Banking Division
• Managing director of Møre Boligkreditt AS
• Head of Treasury
The Board receives monthly reports on the liquidity situation. This report includes several key figures. In addition, early warning signals are reported by viewing the development of financial strength, development of balance sheet numbers and income statement, losses/defaults and the development of cost of funds.
The funding risk is attempted reduced by spreading funding on different markets, sources, instruments and maturities. In order to ensure the group's funding risk is kept at a low level, lending to customers must primarily be financed by customer deposits and long-term securities issued. There is a heavy focus on efforts to increase ordinary deposits in all customer-related activities throughout the bank. The deposit to loan ratio in Sparebanken Møre was 62 at year-end.
The Board shall be informed of the bank’s liquidity situation on a monthly basis, and immediately of any important events which may affect the bank’s current or future liquidity situation. The reporting tries to identify the funding situation during normal operations, identify any “early warning” signs and assess the bank’s stress capacity.
Møre Boligkreditt AS has a license from the FSA to operate as a mortgage company, and it provides the group with increased diversification of its funding sources. During 2016, the company issued covered bonds quoted in Norwegian krone (NOK). The Parent Bank has throughout the year transferred parts of the residential mortgage portfolio to the mortgage company.
Operational risk includes all the potential sources of losses related to Sparebanken Møre's current operations. The group has classified various types of operational risk into the following main categories:
• Internal fraud
• External fraud
• Employment conditions and safety in the workplace
• Customers, products and business practices
• Damage to assets
• Interruptions to operations and/or systems
• Settlements, delivery or other transaction processing
The Board of Directors of Sparebanken Møre has decided that a low to moderate risk profile is accepted related to operational risk. An overall risk strategy for this risk area is established, and there are several documents which support the group’s risk management. These documents include the ICT-area, contingency plans for personnel and property, security handbooks, authorisation structures, ethical guidelines and insurance strategies. Further, there are established guidelines for compliance of:
• Money laundering Act with regulations
• Securities Trading Act with regulations
The group's Legal Department helps to monitor and reduce operational risk. The Compliance Department has established board adopted instructions, work plans and action plans. Sparebanken Møre has established an annual Security Forum for people responsible for security in the group, and meetings of the group's Security Committee are held regularly.
Operational responsibility for managing and controlling operational risk, and thus also the quality of Sparebanken Møre's operations, is borne by each manager involved. This responsibility follows from job descriptions and various guidelines and routines. All managers annually confirm to the CEO the quality of and compliance with internal controls within the risk areas stipulated in this document. They also suggest areas for improvement which are incorporated into special action plans. The CEO presents the report to the Audit and Risk Committee and the Board of Directors. The annual ICAAP also involves a review of the group's material risk areas in which a great deal of attention is paid to operational risk.
Beyond the annual management report and annual ICAAP, the bank’s management and Board of Directors receive reports throughout the year which includes areas that are included in operational risk; compliance reports, safety reports, reports from the Internal Auditor, reports from the External Auditor, work environment surveys, internal service quality surveys, ICT-reporting, industry analysis, as well as any reports from the authorities.
For noted items in the reporting, measures are prepared to cope with deviations, and deadlines and persons in charge are given. Monitoring of the performance level for the measures is followed by the Business Committee on a monthly basis.
The group’s established internal control routines are an important tool for reducing operational risk with regard to both identification and follow-up.
Internal control must be designed in order to provide reasonable certainty with regard to the achievement of goals and targets within the areas of strategic development, targeted and effective operations, reliable reporting and adherence to relevant laws, rules and regulations, including compliance with group-internal guidelines and policies. Furthermore, a well-functioning internal control shall ensure that the bank’s risk exposure is kept within the agreed risk profile.
The internal control at Sparebanken Møre is organised in a decentralized manner with the Division for Financial Control, Risk Management, HR and Security as the coordinating unit in the day-to-day operations and in the annual reporting to the Audit and Risk Committee and the Board of Directors. The Compliance Department monitors how the group operationalizes relevant laws, rules and regulations in operational context, and how the group’s staff adhere to relevant rules and regulations, laws, licenses, agreements, standards for different industrial and commercial sectors, internal instructions etc. in the day-today operations. The Risk Management Department is responsible for developing systems, guidelines and procedures in order to identify, measure, report and follow up on the group’s most important inherent risks.
Reports on the group’s operations and risk situation throughout the year are submitted to the Audit and Risk Committee and the Board of Directors on an ongoing basis. The bank’s CEO submits an annual report to the Board of Directors including an overall assessment of the risk situation and an assessment confirming that the established internal control features function in a satisfactory manner. This report is based on confirmations received from managers at different levels throughout Sparebanken Møre.
Sparebanken Møre’s Internal Auditor reports on a regularly basis to the Audit and Risk Committee and the Board of Directors on the group’s internal control.
The group provides portfolio management for investment clients. The portfolio management is performed on behalf of clients, and related assets belong to the clients and not the group.
Sparebanken Møre utilizes financial derivatives in order to handle risk incurred as a result of the bank’s ordinary operations. The bank uses financial derivatives in its own trading to a very small extent. In the case of customer transactions, these shall as a main principle immediately be covered by an opposite transaction in the market.
The following derivatives are in use in Sparebanken Møre:
• Forward exchange contracts
An agreement to buy or sell a certain amount in a foreign currency, against a certain amount in another currency, at a rate agreed in advance, with payment at a certain time later than two working days after the agreement was entered into.
A transaction in which two parties agree to swap cash flows for an agreed amount over a certain period of time. In an interest rate swap, only the interest involved is swapped. In the case of an interest rate and currency swap, both the interest rate and currency conditions are swapped.
A legally binding agreement concerning a rate of interest which shall apply for a future period for a defined principal amount. Upon settlement, only the difference between the agreed interest rate and the actual market interest rate is exchanged.
A right, but not an obligation, to buy (a call option) or sell (a put option) a certain product at a rate agreed in advance (strike price). When entering into an option contract, the person or company buying a call or put option will have to pay a premium to the person or company writing the option. Options can be offered on the basis of a financial instrument or a raw material.
The risk relating to these financial instruments involves the credit risk of covering counterparts which are given prior credit clearance by the Board of Directors, as well as operational risk.
These instruments are primarily utilized to provide the bank's customers with reliable cash flows and a desired risk position in the various markets. Limits for financial instruments involving customers are established by the staff responsible for the customers in question. The limits shall fix a maximum amount for the bank’s exposure against each individual customer in relation to the customer’s business volume in financial instruments and the market-related development in these. Each member of staff responsible for the customer in question, is responsible for the establishment of the limit and must make sure that such a limit has been subject to the necessary formal credit-handling procedures, and that a sufficient level of collateral and/or other security has been established to cover the limit. Furthermore, the member of staff responsible for the customer in question, together with the dealer involved, are both responsible for making sure that the credit risk as a result of the customer’s exposure to financial instruments is at all times within the limits which have been agreed. In the case of all customers involved with financial instruments, a set-off agreement must be obtained. The purpose of this agreement is to reduce the bank’s credit exposure to the customer by having all contracts netted out so that the bank ends up with just a net exposure towards the customer. It is the member of staff responsible for the customer in question who is responsible for establishing a set-off agreement with the customer, making sure that all customers who use this type of financial instrument are made aware of the bank’s usual business terms and conditions.
The Department for Risk Management is responsible for follow-up, and for all internal reporting and reporting to the relevant authorities relating to the bank’s exposure to different counterparts as a result of trading in financial instruments.